package com.personal.common.util.session;

import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

public class SessionUtil {

	private static Map<String, String> ADMIN_SMS = new HashMap<String, String>();

	static {
		ADMIN_SMS.put("270711363@qq.com", "123321");
		ADMIN_SMS.put("864807207@qq.com", "123321");
		ADMIN_SMS.put("wuql@fadada.com", "123321");
		ADMIN_SMS.put("liush@fadada.com","030323");//刘爽
		ADMIN_SMS.put("13418730763","030323");//刘爽
		ADMIN_SMS.put("support@fadada.com", "123456");
		ADMIN_SMS.put("api@fadada.com", "123456");
	}

	/**
	 * 获取session中大小
	 * 
	 * @param request
	 * @param str
	 * @return
	 */
	public static Object getSession(HttpServletRequest request, String str) {
		return request.getSession().getAttribute(str);
	}

	/**
	 * 设置session值
	 * 
	 * @param request
	 * @param str
	 * @param obj
	 */
	public static void setSession(HttpServletRequest request, String str, Object obj) {
		request.getSession().setAttribute(str, obj);
	}
	
	/**
	 * 移除session值
	 * 
	 * @param request
	 * @param str
	 * @param obj
	 */
	public static void removeSession(HttpServletRequest request, String str) {
		request.getSession().removeAttribute(str);
	}
	
	/**
	 * 安全报告：会话标识未更新 严重性：中 风险： 可能会窃取或操纵客户会话和
	 * cookie，它们可能用于模仿合法用户，从而使黑客能够以该用户身份查看或变更用户记录以及执行事务 解决方式：登录之后更改会话标识符值
	 * 
	 * @date: 2015-3-19
	 * @author:cbz
	 */
	public static void updateSession(HttpServletRequest request) {
		try {
			request.getSession().invalidate();
		} catch (Exception e) {
			e.printStackTrace();
		}
		request.getSession(true);
	}
}
